BYOD reduces CAPEX, but at what cost to security?

By Dave Waterson, CEO, SentryBay

In the autumn of 2020, Gartner described two technologies that would have a transformational impact on global businesses within the next 10 years. One of these was secure access service edge, and the other was Bring Your Own PC (BYOPC). Driven by the need to ensure remote workers could continue to be productive, enabling the use of their own personal device, whether through a BYOPC or Bring Your Own Device (BYOD) approach, became essential.

But as the modern workplace has altered and become more diversified, new approaches to technology and its usage must be backed up with an equally fresh approach to cybersecurity. The National Cyber Security Centre has recently updated its advice with regard to designing, implementing and managing IT configurations based on a BYOD model. The Centre issued a stark warning to companies – if you have given BYOD users admin access to company resources, revoke it immediately, then come back. What it means by this is that planning is needed for new BYOD deployments, and a quick fix will not be enough to stave off the cybersecurity risks.

Keeping control of access

There is no doubt that BYOPC and BYOD have helped many organisations to manage the cost and feasibility of connecting remote workers and stakeholders such as partners and suppliers. But in sacrificing full control of the device, CISOs need to armour their corporate networks so they do have full control over access, regardless of whether they are working virtually, on the cloud or on-premises.

Unmanaged endpoints, or devices on which the security posture is not updated constantly, represent a threat. If they are compromised by malware or hackers, they are at risk of keylogging or screen scraping attacks which can capture confidential or sensitive data. Other malware uses browser attacks which aim to exploit the log-in process of remote access systems.

As the use of BYOD grows, so too does the risk of attack. While it can be challenging for security leaders to control devices, and even operating system levels or application versions (including browsers) remotely, it is certainly not an impossible task. The best way to move forward is by deploying complementary layers of solutions and services that come together to deter threats.

Most fundamental is the need for a zero-trust approach which should blanket the entire network and all endpoints that connect with it. It might seem extreme to treat all users (and their devices) as a threat by default, but it is the only way to ensure that they can be verified. It’s why the adage “Never trust, always verify” has become so significant.

Taking a sophisticated approach

CISOs must also adopt more sophisticated strategies than internet security, anti-virus software and securing the wireless network with virtual private networks (VPNs). The past months have proven that with new ways of working, this old triumvirate is no longer enough to ward off attack, and certainly each individual approach will not be sufficient.

Our recommendation is that security leaders specify and deploy software and solutions that have been specifically designed to protect endpoints and work as part of a zero-trust approach. They ‘wrap’ data and applications securely to counteract cyberattacks, particularly from common threats including keyloggers, screen scrapers, browser-based attacks, file interception, RDP double-hop or VNC attacks.

It’s important not to underestimate the impact of these attacks. Keylogging and screen grabbing are widely used to access sensitive data. If a keylogger is installed on a remote endpoint device which has a lower security posture than it would have within a secure network, cyber-attackers can gain full access as the user logs in, and to everything the user enters at the keyboard or displays on the local device.

For this reason, security software that protects data entry on unmanaged devices, particularly those that work with remote access apps like Citrix, VMware, WVD, web browsers and Microsoft Office applications, is vital as part of a comprehensive, layered approach when deploying or redeploying BYOD.

The message is clear that BYOD needs careful consideration and planning. It is highly effective at reducing capital expenditure on devices and it impacts positively on the time and cost of maintaining equipment, but that should not be at the cost of security. Data must be adequately protected from the moment it is entered at the keyboard or on the screen to the moment it reaches its destination, regardless of who owns or manages the device or its location.
